Пользователи Binance стали жертвами мошеннической SMS-атаки
March 03, 2025
Several users of the cryptocurrency exchange Binance have reported a fraudulent SMS attack that resulted in the loss of their funds.
The scammers used a sophisticated method: a phishing message appeared in the official Binance message thread, making it almost indistinguishable from legitimate exchange notifications.
Victim’s Account of the Fraud Scheme
One of the affected users, Joe Zhou, shared his experience in a LinkedIn post. He received an SMS from the same Binance number that had previously sent verification codes. The message claimed that someone was attempting to access his account from North Korea.
Alarmed, Zhou called the number provided, where an unknown person introduced himself as a Binance partner and advised him to create a SafePal wallet. The scammer referred to an article that allegedly confirmed his claims. He repeatedly asked about Zhou’s assets and insisted that he transfer all funds for an "investigation."
Following the instructions, Zhou created a wallet and began withdrawing funds from Binance. However, he later suspected fraud and contacted a Binance acquaintance, who confirmed that it was a scam.
Zhou attempted to recover his assets, but the scammer simultaneously began withdrawing the funds. He ran out of funds to cover transaction fees, and when he tried to exchange ETH, his balance was wiped out.
Fraudsters' Methods
The Chief Information Security Officer (CISO) of SlowMist stated that the attack was complex and technically sophisticated. He noted that the scammers might have used:
- Spoofing (SMS forgery). They manipulated sender numbers, embedding fraudulent messages into legitimate Binance conversations.
- Attacks on SMS gateways. Exploiting vulnerabilities in telecom operators or third-party SMS service providers.
- Supply chain compromise. The scammers may have hacked gateways or collaborated with SMS service providers to forge official responses.
The expert noted that such methods make fraud detection more difficult and increase risks for cryptocurrency exchange users.